-BEGIN PGP SIGNED MESSAGE-
Hash: MD5
- --[ Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability ]--
- --[ Type
Information Leakage
- --[ Release Date
March 17, 2003
- --[ Product / Vendor
NetCharts XBRL Server 4.0 is a data visualization service that generates
charts and
Informations :
°°
Website : http://www.hp-planet.de
Version : 1
Problem : Informations disclosure
PHP Code/Location :
°°°
login.php :
-
function passwd2($user)
{
$password=nicht registriert;
if (file_exists(user/.$user..txt))
Informations :
°°
Website : http://dotbr.org
Version : 0.1
Problems :
- phpinfo()
- Informations disclosure
- System commands execution
PHP Code/Location :
°°°
foo.php3 :
-
? phpinfo(); ?
-
config.inc :
- SQL password
- SQL
I will be giving a free presentation on how to write secure programs
for Linux and Unix this coming Thursday, Feb. 20, 2003, at 7-8pm.
It will be at the University of Baltimore in Baltimore, Maryland (USA),
in the Business Center Auditorium.
The presentation is intended for software developers,
Dear Jie Dong,
Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
--Sunday, February 16, 2003, 4:30:50 PM, you wrote to [EMAIL PROTECTED]:
JDThe following RTFfile may result in illegal operation :
JD
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - -
GENTOO LINUX SECURITY ANNOUNCEMENT 200302-08
- - -
PACKAGE : nethack
SUMMARY : buffer overflow
DATE:
Informations :
°°
Website : http://www.adalis.fr/adalis.html
Versions : 1.00 - 1.11
Problem : Include file
PHP Code/Location :
°°°
/includes/header.php3 :
---
?php
if ($my_header!=)
{
include ($my_header);
} else {
?
...
